About this role
Overview
We are looking for an Information Security Analyst to support our security certifications, audits, and compliance programs. The role involves managing security standards like ISO 27001, SOC 2, SWIFT, and LAB audits, as well as assisting with third-party risk assessments and contract reviews.
Key Responsibilities
Support and maintain compliance for ISO 27001, SOC 2, SWIFT, and other security audits.
Coordinate internal and external audits, including evidence collection and tracking findings.
Maintain security policies, procedures, and audit documentation.
Assist with Third-Party Risk Management (TPRM) and review vendor security questionnaires.
Review security clauses in MSAs, SOWs, DPAs, and other agreements.
Work with internal teams to ensure controls are implemented and maintained.
Support customer security assessments when needed.
Requirements
4–8 years of experience in information security, audit, or compliance.
Knowledge of ISO 27001, SOC 2, and other security frameworks.
Experience handling audits and preparing audit evidence.
Understanding of risk management and vendor security reviews.
Strong communication and documentation skills.
Good to Have
Experience in TPRM and contract/security clause review.
Familiarity with GRC tools.
Preferred Certifications
CISA, CISM, ISO 27001:2022 Lead Auditor (or similar).
Bachelor's
